<we><edit> <!-- questions and answers -->
group-theory
elliptic-curves
cbc-mac
substitution-cipher
stream-cipher
keys
zero-knowledge-proofs
random-number-generator
classical-cipher
sha-1
rsa
pairings
cryptographic-hardware
xor
ed25519
multiparty-computation
rc4
one-way-function
terminology
chosen-ciphertext-attack
authenticated-encryption
brute-force-attack
password-hashing
security-definition
hmac
hash
In a very simplistic and step by step example, how do I get the 'w' values for SHA256?
hash
sha-256
Does keyless encryption exist?
hash
encoding
Are there cryptographic hash functions that can be computed using only paper and pen without leaking any information about the plaintext?
hash
one-way-function
pen-and-paper
white-box
Hashing Resource ID Into Publicly Known Value Securely
hash
Backward Expansion of SHA1
hash
collision-resistance
sha-1
Why does Signal repeatedly hash the secure passphrase?
hash
algorithm-design
key-derivation
Differences between sponge construction, hash function and random oracles.
hash
oracle
Public Key Encryption, how do you handle not trusting the middle man?
encryption
hash
public-key
How to perform Stampery.com's Merkle Proof?
hash
merkle-damgaard
Can someone explain RSA-PSS to me?
hash
signature
rsa-pss
Will the ECDSA with SHA-3 implementation be quantum-proof?
hash
dsa
sha-3
quantum-resistance
Are there two known strings which have the same MD5 hash value?
hash
cryptanalysis
collision-resistance
md5
Purpose of folding a digest in half
hash
random-number-generator
entropy
sha-1
Where did the SHAKEs come from in SHA3?
hash
algorithm-design
sha-3
keccak
sponge
Are there better alternatives to CRC32 for distributed download components hash calculation?
hash
integrity
Proving a Hash in Another Hash
hash
Collision-resistance of $H\Bigl(\bigl(H(m_1\mathbin\| 1)\oplus H(m_2\mathbin\|2)\oplus\dots\oplus H(m_n\mathbin\|n)\bigr)\mathbin\|n\Bigr)$?
hash
collision-resistance
What was the first hash and what problem was it supposed to solve?
hash
history
What is a fast good-uniformity hash function that if it's seed and it's hash values are unknown, can be strong as cryptographic hash functions?
hash
collision-resistance
crc
What was NIST’s reason to switch naming from MD… (Message Digest) to SHA… (Secure Hashing Algorithm)?
hash
reference-request
terminology
nist
standards
Why is $H(k\mathbin\Vert x)$ not a secure MAC construction?
hash
mac
Create a CR hash function where truncating one bit leads to collisions
hash
collision-resistance
Which algorithm has better performance (HMAC, UMAC, and Poly1305)?
hash
hmac
integrity
poly1305
universal-hash
Textbook RSA signature not secure against existential forgery under known message attack?
hash
rsa
signature
forgery
How would Keccak-1024
hash
sha-3
keccak
Salt passwords with the username?
hash
passwords
salt
password-hashing
What are preimage resistance and collision resistance, and how can the lack thereof be exploited?
hash
collision-resistance
security-definition
preimage-resistance
Why do we pad the length of the message at the end in Merkle–Damgård constructions?
hash
algorithm-design
collision-resistance
merkle-damgaard
Why is SHA-3 a Sponge function?
hash
sha-3
standards
keccak
sponge
Similarity Identification on Encrypted Data
hash
Strength of Hash obtained by XOR of parts of SHA3
hash
collision-resistance
sha-3
keccak
Is there a variant of Merkle tree with no traceability from root to leaves?
hash
Anti-spamming hash-based proof-of-work?
hash
algorithm-design
key-derivation
proof-of-work
Can Whirlpool take advantage of AES-NI?
hash
aes
implementation
Is it possible to retrive the Hash from an encrypted folder?
encryption
hash
Matyas–Meyer–Oseas for super-fast single-block hash function
hash
aes
block-cipher
algorithm-design
post-quantum-cryptography
Stateless and deterministic number generation
hash
pseudo-random-generator
hash-tree
Securing the hotspot with maintaining Deep packet İnspection
encryption
hash
pki
What is the current time limit of Keccak inversion?
hash
sha-3
keccak
Multikeyed Hash: known algorithms?
hash
hmac
mac
multiparty-computation
Does a concatenation of hashes of differently prefixed variations of any chosen message contain all possible finite bitstrings?
hash
randomness
pseudo-random-generator
random-oracle-model
Does there exist a highly irreversible hash function or a highly irreversible pseudo-random number generator?
hash
collision-resistance
Encryption in popular compression file formats - 7zip, RAR, Zip
encryption
hash
passwords
password-based-encryption
Combining multiple hash functions for HKDF
hash
random-number-generator
hkdf
How does hashing help improve password security?
hash
Salt length for a single password
hash
salt
password-hashing
Which symmetric encryption systems, pseudorandom number generators, and hash functions are best suited for reversible computers?
encryption
hash
pseudo-random-generator
Is it possible to break SHA-512?
hash
attack
sha-512
Doubts about Authenticated Data Structures logic
hash
rsa
signature
authentication
hash-tree
How to prove that a hash or an encrypted message was obtained from a plaintext that has a certain pattern?
hash
public-key
What does "message schedule" mean in SHA-256?
hash
sha-1
sha-256
How does Truecrypt change password without the need for a complete re-encryption of volume
hash
Combining keys after key expansion: is it secure?
encryption
hash
xor
algorithm-design
Optimal way to bind two hashes
hash
hmac
sha-256
Collision-free one-wayish function mapping 32 bit to 32 bit
hash
collision-resistance
one-way-function
collision and pre-image difference
hash
collision-resistance
preimage-resistance
How to hash elliptic curve point to a binary string
hash
Is it cryptographically safe to replace initialization buffer of hash function with random data?
hash
randomness
XOR Encryption with bcrypt password de-biasing
hash
xor
bcrypt
Can someone please design a hash function based scheme and solve this problem for me?
hash
algorithm-design
functional-encryption
linear cryptanalysis of hash function
hash
linear-cryptanalysis
AUTHENTIFY MERKLE TREE: In the passage below how is A able to confirm YB in the public file only knowing R, log2 intermediate values, and YB itself?
hash
Does preimage resistance and/or collision resistance imply the infeasiblility of finding fixed points in hash functions?
hash
collision-resistance
preimage-resistance
Why is plain-hash-then-encrypt not a secure MAC?
hash
protocol-design
mac
Are there any known values for common hashes known to have no preimage
hash
preimage-resistance
bcrypt
password-hashing
Difference between H(A)+H(B) and H(A+B)
hash
Is a hash function based on multiple nested iterations of HMAC-SHA-256 cryptographically weaker than SHA-512?
hash
algorithm-design
Use case for extendable-output functions (XOF) such as SHAKE128/SHAKE256
hash
reference-request
sha-3
xof
Difficulty of generating a string "The (md5|sha1) hash of this string is (x)" that hashes to (x) vs. regular hash collision between files?
hash
collision-resistance
sha-1
md5
hardness-assumptions
Salt and pepper at both client and server sides?
hash
entropy
md5
salt
password-hashing
Why is H(k || m || k) secure against birthday attack?
hash
collision-resistance
For any 256 bit string, is there some input to SHA256 that produces this string?
hash
sha-256
Designing a hash function from first principles rather than depending on heuristics
hash
collision-resistance
Is SHA-1 still practically secure under specific scenarios?
hash
collision-resistance
sha-1
What are the odds of collisions for a hash function with 256-bit output?
hash
collision-resistance
A strange phenomenon of the composition of permutations of order 2
encryption
hash
permutation
pseudo-random-permutation
Implementing Target collision resistant hash function
hash
collision-resistance
Making attacks on password hashes less economical
hash
complexity
cryptographic-hardware
proof-of-work
memory-hard
I think PBKDF2 may be better than Scrypt? Looking for someone to point out my logical error
hash
cryptanalysis
pbkdf-2
sha-512
scrypt
Notation question for hash functions
hash
Are Edon-R 512 and Blue Midnight Wish 512 safe/recommendable?
hash
Winternitz-OTS+ with Poly1305
hash
signature
post-quantum-cryptography
poly1305
Do identical strings always have the same SHA-256 value?
hash
sha-256
algorithm-design
eXtended Merkle Signature Scheme (XMSS) vs Leighton-Micali Signature (LMS)
hash
signature
hash-signature
Proving/verifying keys for zero knowledge proof (zkSNARK) in a simple case (possession of a string whose hash is x)
hash
zero-knowledge-proofs
Tamperable hash function
hash
crc
Why hash ( clear text + Secret ) instead of hash (encrpt(clear text) [ + secret ] )
hash
aes
sha-2
ssh
Exchanging pre-image of hash over a network securely
hash
key-exchange
salt usage for hashed password storage - design consideration
hash
salt
password-hashing
secure-storage
BLS aggregate signatures for relay node non-interactive incentive accounting
hash
public-key
schnorr-signature
bls-signature
Hashing list: concatenation vs prepending
hash
HMACSHA256 2.5 times faster than HMACSHA512
hash
hmac
sha-256
sha-512
Best way to hash two values into one?
hash
Is it possible to find two sets such that their hash xor summation is the same?
hash
xor
Why a Blockchain cannot confirm "Membership Proof" as can a Merkle Tree?
hash
hash-tree
Tamper-proofing log files
hash
rsa
signature
authenticated-encryption
file-encryption
What is the relation between the existence of a cryptographic hash function and the existence of a PRG?
hash
pseudo-random-generator
How unique and secure are verification codes created from different hashes?
hash
mixing-function
Can we modify any hash function like SHA-1 or MD5 to perform multiple iterations at once to gain calculation speed?
hash
algorithm-design
SHA-1 collisions - what about practical attacks?
hash
collision-resistance
sha-1
attack